What is an Open XDR Platform?

While XDR (eXtended Detection & Response) technology has become the benchmark in the cyber defense arsenal of companies and administrations, Open XDR also seems to be the future of these platforms. Marketing promise or revolution in the cyber ecosystem? Let’s find out what Open XDR means, these platforms open to products from multiple […]

Protect your know-how, data and intellectual property from cyber espionage

The last few months have been dense in cyber news, with ransomware attacks and revelations of espionage cases. Let’s take advantage of these increasingly dense and recurring news stories to revisit the attack process, either directly or through the outsourcing chain, while reminding you of good practices to secure your systems. How does an espionage […]

What are Unified Endpoint Security (UES) systems & do you need them?

Definition: what is a UES? What does it matter at this time? Endpoint monitoring and protection: the two most popular methods. What is the added value of Unified Endpoint Security systems? And why choose them? The benefits of Unified Endpoint Security? Learn about TEHTRIS UES, a single console solution powered by […]

Zerologon Vulnerability

A vulnerability named Zerologon, numbered CVE-2020-1472, was made public on August 11, 2020 by Microsoft [1]. It impacts MS-NRPC [2], a protocol required for the proper operation of a Microsoft domain and used by domain controllers (RODC [3] included). On September 11, 2020, exploitation code and a white paper associated with […]

What does it take to go from Cybersecurity to Cyber resilience?

As the threat landscape evolves at a breakneck pace and grows in complexity, organizations are now aware that perfect cybersecurity is a myth. It’s no longer a question of if a cyberattack will happen, but when it will happen. Today’s organizational infrastructures are more powerful and more connected to the internet. This dual reality requires […]

SIGRed vulnerability

A vulnerability named SIGRed and numbered CVE-2020-1350 was discovered in May 2020 by the Check Point security research team. Risks: remote code execution, server compromise, data exfiltration. Affected systems: the following server versions are affected (when the DNS service is activated): Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Server 2008 for […]

European network sensors

When reviewing logs from a company, TEHTRIS CERT found multiple instances where an IP address had been trying to contact sensitive servers. Since these servers were unknown to open source databases, an investigation was conducted to understand how a potential attacker could identify the IP addresses of the company’s sensitive servers. Approach: In order to […]

Handling and Halting the Cybercriminality Pandemic with Data

Data is a necessary evil when it comes to our new world that’s run by technology. It’s both an opportunity as well as a risk for most businesses. Anyone who has anything to do with cybersecurity knows about big data. There is technology that allows us to mine enormous data sets and analyze them to […]

Monitoring Worldwide Cyber Attacks with Data-driven Honeypots

Trapping attackers to capture their exploitation techniques is possible and even highly recommended to build a useful threat map. The toolkits and methodologies used by cybercriminal groups are a heritage that is often jealously kept secret to guarantee their effectiveness. Honeypots are used to retrieve this information and lift the secrecy surrounding it. Among […]